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Remarks 

Claims 1-53 are pending. 

Drawings 

1 . The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they include the following reference character(s) not mentioned in the 
description: 

- Figure 1: 101, 102, 103, 117, 118, 119, 150, 181, 182, 184, and 186. 

- Figure 3: 101, 102, 117, 118, 119, 181, 182, 184, and 186. 

- Figure 7: 701, 702, and 715. 

Corrected drawing sheets in compliance with 37 CFR 1.121(d), or amendment to 
the specification to add the reference character(s) in the description in compliance with 
37 CFR 1.121(b) are required in reply to the Office action to avoid abandonment of the 
application. Any amended replacement drawing sheet should include all of the figures 
appearing on the immediate prior version of the sheet, even if only one figure is being 
amended. The replacement sheet(s) should be labeled "Replacement Sheet" in the 
page header (as per 37 CFR 1.84(c)) so as not to obstruct any portion of the drawing 
figures. If the changes are not accepted by the examiner, the applicant will be notified 
and informed of any required corrective action in the next Office action. The objection to 
the drawings will not be held in abeyance. 



Claim Objections 
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2. Claims 12, 13, 18, 26, and 44 are objected to under 37 CFR 1.75(a) because of 
the following informalities: 

- Claim 12, lines 1-2 recite the limitation "the connection link". There is 
insufficient antecedent basis for this limitation in the claims. For purposes of 
prior art rejected, it has been construed as "the communication link". 

- Claim 13, line 5: "to client network" should be "to the client network". 

- Claim 18, line 9: "one network" should be "one network server". 

- Claim 26, lines 1-2: "the transmission" should be "the data transmission link". 

- Claim 44, lines 1-2: "the transmission" should be "the data transmission link". 
Appropriate correction is required. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1, 2, 9-11, 13, 14, 16, 18, 20, 26-28, 30, 31, 33, 35, 36, 38, 44-46, 48, 49, 
51, and 53 are rejected under 35 U.S.C. 103(a) as being unpatentable over Crichton et 
al. (U.S. Patent 6,104,716) in view ofTavs et al. (U.S. Patent 6,073,175). 

Regarding Claim 36, 

Crichton et al. disclose a computer system comprising: 
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A processor inherently in a computer (Column 5, lines 1-8); and 
A memory storing a method for enabling a user to access a local 
area network (LAN) from a client device in a publicly accessible computer 
network and not directly connected to the LAN (Column 3, lines 40-43), 
wherein upon execution of the method on the processor the method 
comprises: 

Receiving at a client proxy device a data request from a client data 
processing device for data accessible from at least one network server in 
the LAN (Column 3, lines 60-63); 

Establishing a data transmission link between the client proxy 
device and a proxy server connected to the at least one network server in 
the LAN (Column 5, lines 9-16); and 

Authorizing at least one network server to serve the data request of 
the client data processing device (Column 3, lines 49-52). 

Crichton et al. do not disclose establishing a communication link 
between the client proxy device and the at least one network server, 
wherein the communication link includes the data transmission link. 

Tavs et al., however, disclose establishing a communication link 
between the client proxy device and the at least one network server, 
wherein the communication link includes the data transmission link 
(Column 4, lines 49-54 and Column 5, lines 29-38). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
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to incorporate the information access control system of Tavs et al. into the 
secure tunneling system of Crichton et al. in order to ensure that the client 
requesting the data has proper clearance for viewing or using each piece 
of data (Column 2, lines 35-39). 
Regarding Claim 18, 

Claim 18 is a method claim that corresponds to system claim 36 
and is rejected for the same reasons. 
Regarding Claim 35, 

Claim 35 is a computer program product claim that corresponds to 
claim 36 and is rejected for the same reasons. 
Regarding Claim 1, 

Claim 1 is a system claim that is broader than system claim 36 and 
is rejected for the same reasons. 
Regarding Claim 53, 

Claim 53 is a system claim that is broader than system claim 36 
and is rejected for the same reasons. 
Regarding Claim 38, 

Crichton et al. disclose that the at least one network server serving 
the data request is selected based on information included in the request 
(Column 3, lines 60-63). 
Regarding Claim 20, 



Application/Control Number: 09/930,873 Page 6 

Art Unit: 2137 

Claim 20 is a method claim that corresponds to system claim 38 
and is rejected for the same reasons. 
Regarding Claim 2, 

Claim 2 is a system claim that is broader than system claim 38 and 
is rejected for the same reasons. 
Regarding Claim 44, 

Crichton et al. disclose that the data transmission link between the 
proxy server and the client proxy device involves a secure communication 
via a public computer network (Column 5, line 63 to Column 6, line 6). 
Regarding Claim 26, 

Claim 26 is a method claim that corresponds to system claim 44 
and is rejected for the same reasons. 
Regarding Claim 9, 

Claim 9 is a system claim that is broader than system claim 44 and 
is rejected for the same reasons. 
Regarding Claim 45, 

Crichton et al. disclose that the request of the client data 
processing device to access at least one network server is authorized 
prior to establishing the communication link (Column 6, lines 30-33). 
Regarding Claim 27, 

Claim 27 is a method claim that corresponds to system claim 45 
and is rejected for the same reasons. 
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Regarding Claim 10, 

Claim 10 is a system claim that is broader than system claim 45 
and is rejected for the same reasons. 
Regarding Claim 46, 

Crichton et al. disclose that the data transmission link between the 
client proxy device and the proxy server is established through a firewall 
restricting access to the LAN (Column 4, lines 51-56). 
Regarding Claim 28, 

Claim 28 is a method claim that corresponds to system claim 46 
and is rejected for the same reasons. 
Regarding Claim 11, 

Claim 1 1 is a system claim that is broader than system claim 46 
and is rejected for the same reasons. 
Regarding Claim 48, 

Crichton et al. disclose that the client data processing device is part 
of a client network and the data transmission link between the client proxy 
device and the proxy server is further established through a firewall 
restricting access to the client network (Column 4, line 51-56). 
Regarding Claim 30, 

Claim 30 is a method claim that corresponds to system claim 48 
and is rejected for the same reasons. 
Regarding Claim 13, 
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Claim 13 is a system claim that is broader than system claim 48 
and is rejected for the same reasons. 
Regarding Claim 49, 

Crichton et al. disclose that the proxy server is located inside a 
firewall restricting access to the LAN (Column 4, lines 51-56). 
Regarding Claim 31, 

Claim 31 is a method claim that corresponds to system claim 49 
and is rejected for the same reasons. 
Regarding Claim 14, 

Claim 14 is a system claim that is broader than system claim 49 
and is rejected for the same reasons. 
Regarding Claim 51, 

Crichton et al. as modified by Tavs et al. does not disclose 
registering the client proxy device as a proxy at the client data processing 
device for executing an application that is proxy enabled. 

Tavs et al., however, disclose that the method further comprises 
registering the client proxy device as a proxy at the client data processing 
device for executing an application that is proxy enabled (Column 4, lines 
29-32). It would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to incorporate the information access control 
system of Tavs et al. into the secure tunneling system of Crichton et al. in 
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order to ensure that the client requesting the data has proper clearance for 
viewing or using each piece of data (Column 2, lines 35-39). 
Regarding Claim 33, 

Claim 33 is a method claim that corresponds to system claim 51 
and is rejected for the same reasons. 
Regarding Claim 16, 

Claim 16 is a system claim that is broader than system claim 51 
and is rejected for the same reasons. 

4. Claims 3-5, 12, 19, 21, 22, 29, 37, 39, 40, and 47 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Crichton et al. in view of Tavs et al., further in view of 
Brownell (U.S. Patent 6,754,831). 
Regarding Claim 37, 

Crichton et al. as modified by Tavs et al. does not explicitly disclose 
that the network server is selected based on a port. 

Brownell, however, discloses that the at least one network server 
serving the data request is selected based on a port of the client proxy 
device receiving the data request (Column 12, lines 32-48). It would have 
been obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate the firewall tunneling system of Brownell into the 
secure tunneling system of Crichton et al. as modified by Tavs et al. in 
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order to produce a user authenticated channel that can be used for secure 
communications (Column 13, lines 2-10). 

Regarding Claim 19, 

Claim 19 is a method claim that corresponds to system claim 37 
and is rejected for the same reasons. 

Regarding Claim 3, 

Claim 3 is a system claim that is broader than system claim 37 and 
is rejected for the same reasons. 

Regarding Claim 39, 

Crichton et al. as modified by Tavs et al. does not explicitly disclose 
that there is a mapping of ports in establishing the communication link. 

Brownell, however, discloses that establishing the communication . 
link between the client proxy device and the at least one network server 
includes a mapping of at least one port of the client proxy device to at 
least one port of the at least one server (Column 12, line 61 to Column 13, 
line 10). It would have been obvious to one of ordinary skill in the art at 
the time of applicant's invention to incorporate the firewall tunneling 
system of Brownell into the secure tunneling system of Crichton et al. as 
modified by Tavs et al. in order to produce a user authenticated channel 
that can be used for secure communications. 

Regarding Claim 4, 
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Claim 4 is a system claim that is broader than system claim 39 and 
is rejected for the same reasons. 
Regarding Claim 21, 

Claim 21 is a method claim that corresponds to system claim 39 
and is rejected for the same reasons. 
Regarding Claim 40, 

Crichton et al. as modified by Tavs et al. does not disclose that the 
mapping includes generating a list of assignments between the at least 
one port of the client proxy device and the at least one port of the at least 
one network server. 

Brownell, however, discloses that the mapping includes generating 
a list of assignments between the at least one port of the client proxy 
device and the at least one port of the at least one network server 
(Column 12, lines 32-48). It would have been obvious to one of ordinary 
skill in the art at the time of applicant's invention to incorporate the firewall 
tunneling system of Brownell into the secure tunneling system of Crichton 
et al. as modified by Tavs et al. in order to produce a user authenticated 
channel that can be used for secure communications (Column 13, lines 2- 
10). 

Regarding Claim 22, 

Claim 22 is a method claim that corresponds to system claim 40 
and is rejected for the same reasons. 
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Regarding Claim 5, 

Claim 5 is a system claim that is broader than system claim 40 and 
is rejected for the same reasons. 
Regarding Claim 47, 

Crichton et al. as modified By Tavs et al. does not disclose 
mapping a port of the client proxy device to a port of the firewall and 
mapping the port of the firewall to a port of the proxy server. 

Brownell, however, discloses further including mapping a port of the 
client proxy device to a port of the firewall and mapping the port of the 
firewall to a port of the proxy server (Column 12, line 61 to Column 13, line 
10). It would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to incorporate the firewall tunneling system of 
Brownell into the secure tunneling system of Crichton et al. as modified by 
Tavs et al. in order to produce a user authenticated channel that can be 
used for secure communications. 
Regarding Claim 29, 

Claim 29 is a method claim that corresponds to system claim 47 
and is rejected for the same reasons. 
Regarding Claim 12, 

Claim 12 is a system claim that is broader than system claim 47 
and is rejected for the same reasons. 
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5. Claims 6-8, 15, 23-25, 32, 41-43, and 50 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Crichton et al. in view of Tavs et al. and Brownell, further in 
view of Hubbard et al. (Hubbard et al., "Firewalling The Net", BT Technology Journal, 
BT Laboratories, GB, Volume 15, No. 2, 4/1/1997, pp. 94-106). 
Regarding Claim 41, 

Crichton et al. as modified by Tavs et al. and Brownell does not 
disclose retracing a set of mapping rules, wherein the mapping rules 
include information on establishing the data transmission link. 

Hubbard et al., however, disclose further including retrieving a set 
of mapping rules, wherein the mapping rules include information on 
establishing the data transmission link (Pages 95-96, Destination IP 
address section). It would have been obvious to one of ordinary skill in 
the art at the time of applicant's invention to incorporate the packet filtering 
scheme of Hubbard et al. into the secure tunneling system of Crichton et 
al. as modified by Tavs et al. and Brownell in order to obtain a flexible and 
fast filtering system based on rules (Page 98, Advantages of standard 
packet filters section). 
Regarding Claim 23, 

Claim 23 is a method claim that corresponds to system claim 41 
and is rejected for the same reasons. 
Regarding Claim 6, 
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Claim 6 is a system claim that is broader than system claim 41 and 
is rejected for the same reasons. 
Regarding Claim 42, 

Crichton et al. as modified by Tavs et al. and Brownell does not 
disclose that the mapping rules further include address information of the 
at least one network server in the LAN. 

Hubbard et al., however, disclose that the mapping rules further 
include address information of the at least one network server in the LAN 
(Pages 95-96, Destination IP address section). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
to incorporate the packet filtering scheme of Hubbard et al. into the secure 
tunneling system of Crichton et al. as modified by Tavs et al. and Brownell 
in order to obtain a flexible and fast filtering system based on rules (Page 
98, Advantages of standard packet filters section). 
Regarding Claim 24, 

Claim 24 is a method claim that corresponds to system claim 42 
and is rejected for the same reasons. 
Regarding Claim 7, 

Claim 7 is a system claim that is broader than system claim 42 and 
is rejected for the same reasons. 
Regarding Claim 43, 
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Crichton as modified by Tavs et al., Brownell, and Hubbard et al. 
disclose the system of claim 41, and further, Brownell discloses mapping 
at least one port of the client proxy device to at least one port of the proxy 
server (Column 13, lines 2-6) and mapping the at least one port of the 
proxy server to at least one port of the at least one network server 
(Column 12, lines 61-65), and Hubbard et al. disclose that the mapping is 
executed in accordance with the retrieved mapping rules (Pages 95-96, 
Destination IP address section). 
Regarding Claim 25, 

Claim 25 is a method claim that corresponds to system claim 43 
and is rejected for the same reasons. 
Regarding Claim 8, 

Claim 8 is a system claim that is broader than system claim 43 and 
is rejected for the same reasons. 
Regarding Claim 50, 

Crichton et al. as modified by Tavs et al. and Brownell does not 
disclose that the proxy server is configured to allow access only to 
selected network servers. 

Hubbard et al., however, disclose that the proxy server is 
configured to allow access only to selected network servers (Pages 95-96, 
Destination IP address section). It would have been obvious to one of 
ordinary skill in the art at the time of applicant's invention to incorporate 
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the packet filtering scheme of Hubbard et al. into the secure tunneling 
system of Crichton et al. as modified by Tavs et al. and Brownell in order 
to obtain a flexible and fast filtering system based on rules (Page 98, 
Advantages of standard packet filters section). 

Regarding Claim 32, 

Claim 32 is a method claim that corresponds to system claim 50 
and is rejected for the same reasons. 

Regarding Claim 15, 

Claim 15 is a system claim that is broader than system claim 50 
and is rejected for the same reasons. 

6. Claims 17, 34, and 52 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Crichton et al. in view of Tavs et al., further in view of lizuka et al. 
(U.S. Patent 6,424,980). 

Regarding Claim 52, 

Crichton et al. as modified by Tavs et al. does not disclose 
replacing at the client data processing device the name of the at least one 
network server by the name of the client proxy device and a specific port 
of executing an application that is not proxy enabled. 

lizuka et al., however, disclose that the method further comprises 
replacing at the client data processing device the name of the at least one 
network server by the name of the client proxy device and a specific port 
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of executing an application that is not proxy enabled (Column 31, lines 38- 
42). It would have been obvious to one of ordinary skill in the art at the 
time of applicant's invention to incorporate the retrieval scheme of lizuka 
et al. into the secure tunneling system of Crichton et al. as modified by 
Tavs et al. in order to be able to easily extract information from different 
locations and coherently display the information so a user can easily view 
it, without needing to know where each piece of information was retrieved 
from (Column 4, lines 44-65). 

Regarding Claim 34, 

Claim 34 is a method claim that corresponds to system claim 52 
and is rejected for the same reasons. 

Regarding Claim 17, 

Claim 17 is a system claim that is broader than system claim 52 
and is rejected for the same reasons. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeffrey D. Popham whose telephone number is (571)- 
272-7215. The examiner can normally be reached on M-F 9:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on (571)-272-3868. The fax phone 
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number for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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SUPERVISORY PATENT EXAMINER 



